Univention Bugzilla – Bug 41522
Check zone transfer
Last modified: 2018-12-21 09:00:13 CET
The usi-check tool should check if the serial number is identical between the DNS server and the LDAP entry if the ldap backend is used.
which serial number do you mean?
(In reply to Christina Scheinig from comment #1) > which serial number do you mean? # ucr get dns/backend ldap # dig +short @127.0.0.1 -p 53 `dnsdomainname` soa master41.phahn.qa. root.phahn.qa. 36 28800 7200 604800 10800 ^^ # dig +short @127.0.0.1 -p 7777 `dnsdomainname` soa master41.phahn.qa. root.phahn.qa. 36 28800 7200 604800 10800 ^^ <https://de.wikipedia.org/wiki/SOA_Resource_Record#Aufbau>
Created attachment 8260 [details] Check DNS SOA serial numbers WIP
Created attachment 8262 [details] Check DNS SOA serial numbers v2
Needs to be implemented as an additional online check while running on customer site. The dig part can be parsed offline through info/dig_AXFR But the ldap zone information is currently not collected at all.